Lateral movement-based attacks are increasingly leading to compromises in large private and government networks, often resulting in information exfiltration or service disruption. Such attacks are often slow and stealthy and usually evade existing security products. To enable effective detection of such attacks, we present a new approach based on graph-based modeling of the security state of the target...
The research literature on cybersecurity incident response is very rich in automatic intrusion detection methodologies. The most accepted approach to compare the detection performance of the methods is by using a real traffic data set where normal traffic and anomalies are conveniently combined and labeled. In this paper, we follow this approach in a real network where a number of controlled attacks...
There is a growing need for Vehicular Ad-hoc Networks (VANETs), in which vehicles communicate with each other (i.e., Vehicle to Vehicle, V2V) or with the infrastructure (i.e., Vehicle to Infrastructure, V2I) on a wireless basis. This paper presents an improved traffic monitoring system for VANET applications via a proposed security scheme. Specifically, the proposed model analyzes the monitored...
In recent years, social networks have experienced strong growth in both size and popularity. One of the main characteristics of these systems is their reliance on users as the primary contributors of content. This dependence makes the users of these systems the best targets for malicious behavior. In an effort to preserve community value and ensure long term success, the proposed approach is based...
With the security situation in cyberspace constantly becoming worse, cyber threat detection has attracted a lot of research attention. In this paper, existing detection technologies are first reviewed. Second, a framework for capturing the abnormal traffic of botnets is proposed. Major modules and key detection techniques are presented at the same time. The hidden threat detection in physically...
Virtual machine introspection plays an important role in the area of security. Most virtual machine introspection mechanisms either poll the VM state actively or intercept the VM execution passively. Unfortunately, the active introspection approach cannot acquire information in real time, while the information acquired by passive method is fragmented and is hard to build complete semantic views of...
The Internet-of-Things relies on ad-hoc connections, which also requires an on-demand approach to the negotiation of security parameters. We propose a new approach to shared key derivation for Body Area Networks (BANs). Body area networks are quickly becoming increasingly important in the world of healthcare with wide application in the treatment and monitoring of chronic patients using on-body devices...
Attacks on critical infrastructures are beginning to increase in number and severity. They are often initiated by highly skilled attackers, who are capable of deploying advanced attacks to exfiltrate data or even to cause physical damage. In this paper, we re-visit the rationale for protecting against cyber attacks and propose a framework to monitor, detect and evaluate anomalous behaviour within...
Cloud computing is the latest trend in business for providing software, platforms and services over the Internet. However, a widespread adoption of this paradigm has been hampered by the lack of security mechanisms. In view of this, the aim of this work is to propose a new approach for detecting anomalies in cloud network traffic. The anomaly detection mechanism works on the basis of a Support Vector...
Support Vector Machines (SVM) have been considered for real-life machine learning applications in various fields. Security concerns in modern industrial networks, also used in critical infrastructures, require novel monitoring techniques applicable for these constrained, real-time environments. Characteristics of these networks' traffic indicate that SVM can be a powerful tool for realizing a self-configuring...
This paper presents preliminary findings on a novel method to remotely fingerprint a network of Cyber Physical Systems and demonstrates the ability to remotely infer the functionality of an Industrial Control System device. A monitoring node measures the target device's response to network requests and statistically analyzes the collected data to build and classify a profile of the device's functionality...
Though current workflow systems, known as the major task managing tool in data centers, use UNIX-based user/group authorization mechanisms to defend against unauthorized operations, the information in workflow systems, such as the DAG (Directed Acyclic Graph), could be easily exposed to any user-level malicious monitor. In this paper, we propose a type of side channel attack to data-center workflow information...
Crowd monitoring is an important task of security forces. If an emergency occurs during large events, authorities should take urgent measures to prevent casualties. Understanding crowd dynamics, such as tracking crowds or sparse groups of people before an emergency occurs, is also needed. Therefore, crowd detection and analysis is a critical research area. There are several studies for crowd monitoring...
A malicious program, or malware, is a computer program written intentionally to harm a computing system. Malware protection involves several sub-tasks, namely Monitoring, Prevention, Analysis, Detection, Removal and Recovery. This paper proposes a static heuristic based scoring system that gives a maliciousness score to portable executable files. Malicious score can be used at different stage of...
Advanced networking technology and increasing information services have led to extensive interconnection between Building Automation and Control (BAC) networks and Internet. The connection to Internet and public networks massively elevates the risk of the BAC networks being attacked. In this paper, we present a framework for a rule based anomaly detection of Building Automation and Control networks...
The rational allocation of water resources has become an important prerequisite for the protection of national economic and social sustainable development as China's economy develops rapidly; therefore, establishing water security environment monitoring and evaluation mechanisms is a good way of providing services and solutions for regional environmental management and accident pollution. Considering...
In seas security supervision, we should conduct feature extraction and match for consecutive frames in order to effectively reduce the jitter caused by wind-induced vibration. Harris corner point detection algorithm is widely used in feature extraction for images. An improved algorithm for Harris corner detection is proposed in this paper since the feature points of images with large size, high pixel...
Voice over IP (VoIP) technologies such as Skype are becoming increasingly popular and widely used in different organisations, and therefore identifying the usage of this service at the network level becomes very important. Reasons for this include applying Quality of Service (QoS), network planning, prohibiting its use in some networks and lawful interception of communications. Researchers...
Humans are poorly equipped to perform repetitive tasks without adversely affecting the efficiency with which they are performing the task. Assets within a secure environment are usually protected with various controls that are enforced by users who follow operational controls associated with those assets. The current approach to security monitoring by means of video cameras is performed by a person...
Network Intrusion Detection is the most happening field of the network security research. It is a new kind of defense technology of the network security, used as a countermeasure to preserve data integrity and system availability during an intrusion. An ideal IDS system should be capable of evolving itself to identify not only known attacks but also unknown attacks. Algorithms based on Genetic Engineering...